1004 matches found
June 9, 2026—KB5094042 (Monthly Rollup)
None None...
June 9, 2026—KB5094041 (Monthly Rollup)
None None...
Zyxel NAS Firmware 5.21- Remote Code Execution
Multiple Zyxel network-attached storage NAS devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. Zyxel NAS devices achieve authentication by using th...
EUVD-2026-35454
Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...
CVE-2026-0419
Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...
CVE-2026-0412
Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...
CVE-2026-0419 Insufficient input validation vulnerability in NETGEAR JR6150
Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...
CVE-2026-0419
CVE-2026-0419 describes insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router, 802.11ac, dual-band; released 2014) that allows users on the local Wi‑Fi to execute operating system commands. The device is End-of-Support since 2018 with no planned security updates. The advisory notes t...
CVE-2026-0419 Insufficient input validation vulnerability in NETGEAR JR6150
Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...
CVE-2026-0412 Insufficient input validation vulnerability in NETGEAR JR6150 Web UI
Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...
CVE-2026-0412 Insufficient input validation vulnerability in NETGEAR JR6150 Web UI
Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...
CVE-2026-0412
CVE-2026-0412 relates to the NETGEAR JR6150 Web UI and is described as an insufficient input validation vulnerability. The affected device is the NETGEAR JR6150 (AC750 WiFi Router, 2014 release) and the description states that administrators connected to the local network can make unauthorized mo...
June 9, 2026—KB5094126 (OS Builds 26200.8655 and 26100.8655)
None None...
KB5094006: Cumulative security update for Internet Explorer: June 9, 2026
None None...
PT-2026-47823
Name of the Vulnerable Software and Affected Versions NETGEAR JR6150 affected versions not specified Description Insufficient input validation allows users connected to local WiFi networks to execute operating system commands. This issue was identified through firmware emulation in a controlled...
Security Bulletin: IBM Technical Support Appliance is affected by a timing channel vulnerability in Bouncy Castle BC-JAVA
Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA library bcprov-jdk18on-1.78.1.jar. A flaw in the FrodoEngine component may expose information through a covert timing channel, potentially affecting the confidentiality of cryptographic operatio...
Security Bulletin: IBM Technical Support Appliance is affected by an LDAP Injection Vulnerability in Bouncy Castle BC-JAVA
Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA provider library bcprov-jdk18on-1.78.1.jar. A flaw in the BC-JAVA LDAP certificate store implementation LDAPStoreHelper could allow improper neutralization of special elements used in LDAP...
CVE-2026-42408
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell tmsh command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40435
When configured, IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-34176
When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...